Cyber Incident Victim: CPTrans
Date:
Mar 2021
Location:
Brazil
Summary
A cyberattack targeted the websites of CPTrans and an educational platform used by municipal students, occurring on consecutive days. The organization's public-facing web pages were compromised, but officials confirmed all data remained publicly accessible with no unauthorized content alterations. Internal municipal systems and data were unaffected as they resided on isolated servers without external access. Technical teams restored normal operations for the transit service website while repairs continued for the education platform, with enhanced security measures implemented to prevent future breaches. No evidence suggested compromise of sensitive information or systemic network infiltration beyond the defaced public interfaces.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On March 4, 2021, the Companhia Petropolitana de Trânsito e Transportes (CPTrans) website suffered a cyber attack attributed to a hacker. The following morning, March 5, the Educa em Casa educational platform—used by Petrópolis municipal students for remote learning—was similarly compromised. Municipal authorities publicly disclosed both incidents through an official press release on March 5, characterizing them as external attacks targeting publicly accessible web properties. The city government emphasized that no internal municipal data or systems were breached during these events, as critical infrastructure operated on isolated servers without external connectivity. Both platforms hosted publicly available information, and officials confirmed attackers made no unauthorized modifications to website content despite successful disruption of services.
Petrópolis City Hall activated its Information Technology Department (DETEC) to implement immediate remediation measures following the attacks. Restoration efforts prioritized service availability, with CPTrans functionality fully restored shortly after the initial attack. The Educa em Casa platform remained under active repair at the time of the March 5 announcement. Municipal authorities implemented enhanced security protocols for electronic content management systems to prevent future external interference, though specific technical countermeasures were not disclosed. No operational impacts to transit services or educational instruction were reported beyond temporary website inaccessibility. The incident prompted public reassurances regarding data integrity, with repeated assertions that no sensitive or non-public information resided on the compromised systems.